ISHACK AI BOT

FreeBSD: VID-6BD2773C-CF1A-11ED-BD44-080027F5FEC9 (CVE-2023-28756): rubygem-time -- ReDoS vulnerability Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P) Published 03/30/2023 Created 04/04/2023 Added 04/01/2023 Modified 01/28/2025 Description A ReDoS issue was discovered in the Time component through 0.2.1 in Ruby through 3.2.1. The Time parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to Time objects. The fixed versions are 0.1.1 and 0.2.2. Solution(s) freebsd-upgrade-package-ruby freebsd-upgrade-package-ruby27 freebsd-upgrade-package-ruby30 freebsd-upgrade-package-ruby31 freebsd-upgrade-package-ruby32 freebsd-upgrade-package-rubygem-time References CVE-2023-28756

Debian: CVE-2023-1670: linux -- security update Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 03/30/2023 Created 05/05/2023 Added 05/01/2023 Modified 01/28/2025 Description A flaw use after free in the Linux kernel Xircom 16-bit PCMCIA (PC-card) Ethernet driver was found.A local user could use this flaw to crash the system or potentially escalate their privileges on the system. Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2023-1670 CVE - 2023-1670 DLA-3403-1 DLA-3404-1

FreeBSD: VID-54006796-CF7B-11ED-A5D5-001B217B3468 (CVE-2023-0523): Gitlab -- Multiple Vulnerabilities Severity 6 CVSS (AV:N/AC:M/Au:N/C:P/I:P/A:N) Published 03/30/2023 Created 04/04/2023 Added 04/01/2023 Modified 01/28/2025 Description Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below. From VID-54006796-CF7B-11ED-A5D5-001B217B3468: Gitlab reports: Cross-site scripting in "Maximum page reached" page Private project guests can read new changes using a fork Mirror repository error reveals password in Settings UI DOS and high resource consumption of Prometheus server through abuse of Prometheus integration proxy endpoint Unauthenticated users can view Environment names from public projects limited to project members only Copying information to the clipboard could lead to the execution of unexpected commands Maintainer can leak masked webhook secrets by adding a new parameter to the webhook URL Arbitrary HTML injection possible when :soft_email_confirmation feature flag is enabled in the latest release Framing of arbitrary content (leading to open redirects) on any page allowing user controlled markdown MR for security reports are available to everyone API timeout when searching for group issues Unauthorised user can add child epics linked to victim's epic in an unrelated group GitLab search allows to leak internal notes Ambiguous branch name exploitation in GitLab Improper permissions checks for moving an issue Private project branches names can be leaked through a fork Solution(s) freebsd-upgrade-package-gitlab-ce References CVE-2023-0523

FreeBSD: VID-54006796-CF7B-11ED-A5D5-001B217B3468 (CVE-2023-1167): Gitlab -- Multiple Vulnerabilities Severity 5 CVSS (AV:N/AC:L/Au:N/C:P/I:N/A:N) Published 03/30/2023 Created 04/04/2023 Added 04/01/2023 Modified 01/28/2025 Description Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below. From VID-54006796-CF7B-11ED-A5D5-001B217B3468: Gitlab reports: Cross-site scripting in "Maximum page reached" page Private project guests can read new changes using a fork Mirror repository error reveals password in Settings UI DOS and high resource consumption of Prometheus server through abuse of Prometheus integration proxy endpoint Unauthenticated users can view Environment names from public projects limited to project members only Copying information to the clipboard could lead to the execution of unexpected commands Maintainer can leak masked webhook secrets by adding a new parameter to the webhook URL Arbitrary HTML injection possible when :soft_email_confirmation feature flag is enabled in the latest release Framing of arbitrary content (leading to open redirects) on any page allowing user controlled markdown MR for security reports are available to everyone API timeout when searching for group issues Unauthorised user can add child epics linked to victim's epic in an unrelated group GitLab search allows to leak internal notes Ambiguous branch name exploitation in GitLab Improper permissions checks for moving an issue Private project branches names can be leaked through a fork Solution(s) freebsd-upgrade-package-gitlab-ce References CVE-2023-1167

CentOS Linux: CVE-2023-27533: Moderate: curl security update (CESA-2023:6679) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 03/30/2023 Created 11/09/2023 Added 11/08/2023 Modified 01/28/2025 Description A vulnerability in input validation exists in curl <8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously crafted user name and "telnet options" during server negotiation. The lack of proper input scrubbing allows an attacker to send content or perform option negotiation without the application's intent. This vulnerability could be exploited if an application allows user input, thereby enabling attackers to execute arbitrary code on the system. Solution(s) centos-upgrade-curl centos-upgrade-curl-debuginfo centos-upgrade-curl-debugsource centos-upgrade-curl-minimal centos-upgrade-curl-minimal-debuginfo centos-upgrade-libcurl centos-upgrade-libcurl-debuginfo centos-upgrade-libcurl-devel centos-upgrade-libcurl-minimal centos-upgrade-libcurl-minimal-debuginfo References CVE-2023-27533

CentOS Linux: CVE-2023-27535: Moderate: curl security update (Multiple Advisories) Severity 7 CVSS (AV:N/AC:M/Au:N/C:C/I:N/A:N) Published 03/30/2023 Created 05/15/2023 Added 05/15/2023 Modified 01/28/2025 Description An authentication bypass vulnerability exists in libcurl <8.0.0 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. Previously created connections are kept in a connection pool for reuse if they match the current setup. However, certain FTP settings such as CURLOPT_FTP_ACCOUNT, CURLOPT_FTP_ALTERNATIVE_TO_USER, CURLOPT_FTP_SSL_CCC, and CURLOPT_USE_SSL were not included in the configuration match checks, causing them to match too easily. This could lead to libcurl using the wrong credentials when performing a transfer, potentially allowing unauthorized access to sensitive information. Solution(s) centos-upgrade-curl centos-upgrade-curl-debuginfo centos-upgrade-curl-debugsource centos-upgrade-curl-minimal centos-upgrade-curl-minimal-debuginfo centos-upgrade-libcurl centos-upgrade-libcurl-debuginfo centos-upgrade-libcurl-devel centos-upgrade-libcurl-minimal centos-upgrade-libcurl-minimal-debuginfo References CVE-2023-27535

Amazon Linux AMI 2: CVE-2023-27537: Security patch for curl (ALAS-2023-2070) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 03/30/2023 Created 06/08/2023 Added 06/08/2023 Modified 01/30/2025 Description A double free vulnerability exists in libcurl <8.0.0 when sharing HSTS data between separate "handles". This sharing was introduced without considerations for do this sharing across separate threads but there was no indication of this fact in the documentation. Due to missing mutexes or thread locks, two threads sharing the same HSTS data could end up doing a double-free or use-after-free. Solution(s) amazon-linux-ami-2-upgrade-curl amazon-linux-ami-2-upgrade-curl-debuginfo amazon-linux-ami-2-upgrade-libcurl amazon-linux-ami-2-upgrade-libcurl-devel References https://attackerkb.com/topics/cve-2023-27537 AL2/ALAS-2023-2070 CVE - 2023-27537

Huawei EulerOS: CVE-2023-27538: curl security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 03/30/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified, which should have prevented reuse. libcurl maintains a pool of previously used connections to reuse them for subsequent transfers if the configurations match. However, two SSH settings were omitted from the configuration check, allowing them to match easily, potentially leading to the reuse of an inappropriate connection. Solution(s) huawei-euleros-2_0_sp11-upgrade-curl huawei-euleros-2_0_sp11-upgrade-libcurl References https://attackerkb.com/topics/cve-2023-27538 CVE - 2023-27538 EulerOS-SA-2023-2677

SUSE: CVE-2023-27537: SUSE Linux Security Advisory Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 03/30/2023 Created 06/14/2023 Added 06/13/2023 Modified 01/28/2025 Description A double free vulnerability exists in libcurl <8.0.0 when sharing HSTS data between separate "handles". This sharing was introduced without considerations for do this sharing across separate threads but there was no indication of this fact in the documentation. Due to missing mutexes or thread locks, two threads sharing the same HSTS data could end up doing a double-free or use-after-free. Solution(s) suse-upgrade-curl suse-upgrade-libcurl-devel suse-upgrade-libcurl4 suse-upgrade-libcurl4-32bit References https://attackerkb.com/topics/cve-2023-27537 CVE - 2023-27537

Debian: CVE-2023-24472: openimageio -- security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 03/30/2023 Created 08/09/2023 Added 08/08/2023 Modified 01/28/2025 Description A denial of service vulnerability exists in the FitsOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.7.1. A specially crafted ImageOutput Object can lead to denial of service. An attacker can provide malicious input to trigger this vulnerability. Solution(s) debian-upgrade-openimageio References https://attackerkb.com/topics/cve-2023-24472 CVE - 2023-24472 DLA-3518-1

VMware Photon OS: CVE-2023-27533 Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 03/30/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description A vulnerability in input validation exists in curl <8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously crafted user name and "telnet options" during server negotiation. The lack of proper input scrubbing allows an attacker to send content or perform option negotiation without the application's intent. This vulnerability could be exploited if an application allows user input, thereby enabling attackers to execute arbitrary code on the system. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-27533 CVE - 2023-27533

Aruba AOS-10: CVE-2022-47522: Bypassing Wi-Fi Encryption by Manipulating Transmit Queues Severity 8 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:N) Published 03/30/2023 Created 01/16/2025 Added 01/14/2025 Modified 02/04/2025 Description The paper specifically mentions certain Aruba WLAN products running ArubaOS version 8.4.0.0 as affected. After further investigation, Aruba separates the vulnerabilities described in the paper in the following 3 scenarios: 1) Exploiting Power Save Features: No Aruba Products are vulnerable to this scenario. 2) Security Context Override (SCO): All versions of the Aruba products listed under the Affected Products section are vulnerable to this attack. An attacker needs to be authenticated to the Wi-Fi network using valid credentials before being able to carry out the attack. This would imply that the vulnerability requires an insider threat to be exploited. Data encryption such as TLS prevents the disclosure of sensitive information or allowing an attacker to steal the victims session. 3) Fast Reconnect Attack: The following Aruba products and versions are affected: - ArubaOS Wi-Fi Controllers and Campus/ Remote Access Points - 8.9.0.3 and below - 8.6.0.20 and below - Aruba InstantOS / Aruba Access Points running ArubaOS 10 - 10.3.1.0 and below - 8.9.0.3 and below - 8.8.0.3 and below - 8.7.1.11 and below - 8.6.0.18 and below - 6.5.4.23 and below - 6.4.4.8-4.2.4.20 and below - Aruba Instant On Access Points - 2.8 and below The published paper can be found at https://papers.mathyvanhoef.com/usenix2023-wifi.pdf Solution(s) aruba-aos-10-cve-2022-47522 References https://attackerkb.com/topics/cve-2022-47522 CVE - 2022-47522 https://csaf.arubanetworks.com/2023/hpe_aruba_networking_-_2023-005.json

VMware Photon OS: CVE-2023-27538 Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 03/30/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified, which should have prevented reuse. libcurl maintains a pool of previously used connections to reuse them for subsequent transfers if the configurations match. However, two SSH settings were omitted from the configuration check, allowing them to match easily, potentially leading to the reuse of an inappropriate connection. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-27538 CVE - 2023-27538

VMware Photon OS: CVE-2023-27536 Severity 5 CVSS (AV:N/AC:H/Au:N/C:C/I:N/A:N) Published 03/30/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description An authentication bypass vulnerability exists libcurl <8.0.0 in the connection reuse feature which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPT_GSSAPI_DELEGATION option. This vulnerability affects krb5/kerberos/negotiate/GSSAPI transfers and could potentially result in unauthorized access to sensitive information. The safest option is to not reuse connections if the CURLOPT_GSSAPI_DELEGATION option has been changed. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-27536 CVE - 2023-27536

Huawei EulerOS: CVE-2023-27535: curl security update Severity 7 CVSS (AV:N/AC:M/Au:N/C:C/I:N/A:N) Published 03/30/2023 Created 05/10/2023 Added 05/09/2023 Modified 01/28/2025 Description An authentication bypass vulnerability exists in libcurl <8.0.0 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. Previously created connections are kept in a connection pool for reuse if they match the current setup. However, certain FTP settings such as CURLOPT_FTP_ACCOUNT, CURLOPT_FTP_ALTERNATIVE_TO_USER, CURLOPT_FTP_SSL_CCC, and CURLOPT_USE_SSL were not included in the configuration match checks, causing them to match too easily. This could lead to libcurl using the wrong credentials when performing a transfer, potentially allowing unauthorized access to sensitive information. Solution(s) huawei-euleros-2_0_sp10-upgrade-curl huawei-euleros-2_0_sp10-upgrade-libcurl References https://attackerkb.com/topics/cve-2023-27535 CVE - 2023-27535 EulerOS-SA-2023-1816

Rocky Linux: CVE-2023-27536: curl (RLSA-2023-4523) Severity 7 CVSS (AV:N/AC:M/Au:N/C:C/I:N/A:N) Published 03/30/2023 Created 03/07/2024 Added 03/05/2024 Modified 01/28/2025 Description An authentication bypass vulnerability exists libcurl <8.0.0 in the connection reuse feature which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPT_GSSAPI_DELEGATION option. This vulnerability affects krb5/kerberos/negotiate/GSSAPI transfers and could potentially result in unauthorized access to sensitive information. The safest option is to not reuse connections if the CURLOPT_GSSAPI_DELEGATION option has been changed. Solution(s) rocky-upgrade-curl rocky-upgrade-curl-debuginfo rocky-upgrade-curl-debugsource rocky-upgrade-libcurl rocky-upgrade-libcurl-debuginfo rocky-upgrade-libcurl-devel rocky-upgrade-libcurl-minimal rocky-upgrade-libcurl-minimal-debuginfo References https://attackerkb.com/topics/cve-2023-27536 CVE - 2023-27536 https://errata.rockylinux.org/RLSA-2023:4523

Amazon Linux AMI 2: CVE-2023-27535: Security patch for curl (ALAS-2023-2070) Severity 7 CVSS (AV:N/AC:M/Au:N/C:C/I:N/A:N) Published 03/30/2023 Created 06/08/2023 Added 06/08/2023 Modified 01/28/2025 Description An authentication bypass vulnerability exists in libcurl <8.0.0 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. Previously created connections are kept in a connection pool for reuse if they match the current setup. However, certain FTP settings such as CURLOPT_FTP_ACCOUNT, CURLOPT_FTP_ALTERNATIVE_TO_USER, CURLOPT_FTP_SSL_CCC, and CURLOPT_USE_SSL were not included in the configuration match checks, causing them to match too easily. This could lead to libcurl using the wrong credentials when performing a transfer, potentially allowing unauthorized access to sensitive information. Solution(s) amazon-linux-ami-2-upgrade-curl amazon-linux-ami-2-upgrade-curl-debuginfo amazon-linux-ami-2-upgrade-libcurl amazon-linux-ami-2-upgrade-libcurl-devel References https://attackerkb.com/topics/cve-2023-27535 AL2/ALAS-2023-2070 CVE - 2023-27535

Red Hat: CVE-2023-27538: SSH connection too eager reuse still (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 03/30/2023 Created 11/09/2023 Added 11/08/2023 Modified 01/28/2025 Description An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified, which should have prevented reuse. libcurl maintains a pool of previously used connections to reuse them for subsequent transfers if the configurations match. However, two SSH settings were omitted from the configuration check, allowing them to match easily, potentially leading to the reuse of an inappropriate connection. Solution(s) redhat-upgrade-curl redhat-upgrade-curl-debuginfo redhat-upgrade-curl-debugsource redhat-upgrade-curl-minimal redhat-upgrade-curl-minimal-debuginfo redhat-upgrade-libcurl redhat-upgrade-libcurl-debuginfo redhat-upgrade-libcurl-devel redhat-upgrade-libcurl-minimal redhat-upgrade-libcurl-minimal-debuginfo References CVE-2023-27538 RHSA-2023:6679

Red Hat: CVE-2023-27533: TELNET option IAC injection (Multiple Advisories) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 03/30/2023 Created 11/09/2023 Added 11/08/2023 Modified 01/30/2025 Description A vulnerability in input validation exists in curl <8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously crafted user name and "telnet options" during server negotiation. The lack of proper input scrubbing allows an attacker to send content or perform option negotiation without the application's intent. This vulnerability could be exploited if an application allows user input, thereby enabling attackers to execute arbitrary code on the system. Solution(s) redhat-upgrade-curl redhat-upgrade-curl-debuginfo redhat-upgrade-curl-debugsource redhat-upgrade-curl-minimal redhat-upgrade-curl-minimal-debuginfo redhat-upgrade-libcurl redhat-upgrade-libcurl-debuginfo redhat-upgrade-libcurl-devel redhat-upgrade-libcurl-minimal redhat-upgrade-libcurl-minimal-debuginfo References CVE-2023-27533 RHSA-2023:6679

Ubuntu: (Multiple Advisories) (CVE-2023-1670): Linux kernel (OEM) vulnerabilities Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 03/30/2023 Created 05/05/2023 Added 04/21/2023 Modified 01/28/2025 Description A flaw use after free in the Linux kernel Xircom 16-bit PCMCIA (PC-card) Ethernet driver was found.A local user could use this flaw to crash the system or potentially escalate their privileges on the system. Solution(s) ubuntu-upgrade-linux-image-4-15-0-1068-dell300x ubuntu-upgrade-linux-image-4-15-0-1122-oracle ubuntu-upgrade-linux-image-4-15-0-1143-kvm ubuntu-upgrade-linux-image-4-15-0-1153-gcp ubuntu-upgrade-linux-image-4-15-0-1153-snapdragon ubuntu-upgrade-linux-image-4-15-0-1159-aws ubuntu-upgrade-linux-image-4-15-0-1168-azure ubuntu-upgrade-linux-image-4-15-0-214-generic ubuntu-upgrade-linux-image-4-15-0-214-generic-lpae ubuntu-upgrade-linux-image-4-15-0-214-lowlatency ubuntu-upgrade-linux-image-4-4-0-1118-aws ubuntu-upgrade-linux-image-4-4-0-1119-kvm ubuntu-upgrade-linux-image-4-4-0-1156-aws ubuntu-upgrade-linux-image-4-4-0-240-generic ubuntu-upgrade-linux-image-4-4-0-240-lowlatency ubuntu-upgrade-linux-image-5-15-0-1022-gkeop ubuntu-upgrade-linux-image-5-15-0-1032-ibm ubuntu-upgrade-linux-image-5-15-0-1032-raspi ubuntu-upgrade-linux-image-5-15-0-1032-raspi-nolpae ubuntu-upgrade-linux-image-5-15-0-1033-intel-iotg ubuntu-upgrade-linux-image-5-15-0-1035-kvm ubuntu-upgrade-linux-image-5-15-0-1036-gcp ubuntu-upgrade-linux-image-5-15-0-1036-gke ubuntu-upgrade-linux-image-5-15-0-1037-oracle ubuntu-upgrade-linux-image-5-15-0-1038-aws ubuntu-upgrade-linux-image-5-15-0-1040-azure ubuntu-upgrade-linux-image-5-15-0-1040-azure-fde ubuntu-upgrade-linux-image-5-15-0-1041-azure-fde ubuntu-upgrade-linux-image-5-15-0-75-generic ubuntu-upgrade-linux-image-5-15-0-75-generic-64k ubuntu-upgrade-linux-image-5-15-0-75-generic-lpae ubuntu-upgrade-linux-image-5-15-0-75-lowlatency ubuntu-upgrade-linux-image-5-15-0-75-lowlatency-64k ubuntu-upgrade-linux-image-5-17-0-1032-oem ubuntu-upgrade-linux-image-5-19-0-1021-raspi ubuntu-upgrade-linux-image-5-19-0-1021-raspi-nolpae ubuntu-upgrade-linux-image-5-19-0-1024-ibm ubuntu-upgrade-linux-image-5-19-0-1025-kvm ubuntu-upgrade-linux-image-5-19-0-1025-oracle ubuntu-upgrade-linux-image-5-19-0-1026-gcp ubuntu-upgrade-linux-image-5-19-0-1027-aws ubuntu-upgrade-linux-image-5-19-0-1027-lowlatency ubuntu-upgrade-linux-image-5-19-0-1027-lowlatency-64k ubuntu-upgrade-linux-image-5-19-0-1028-azure ubuntu-upgrade-linux-image-5-19-0-45-generic ubuntu-upgrade-linux-image-5-19-0-45-generic-64k ubuntu-upgrade-linux-image-5-19-0-45-generic-lpae ubuntu-upgrade-linux-image-5-4-0-1017-iot ubuntu-upgrade-linux-image-5-4-0-1024-xilinx-zynqmp ubuntu-upgrade-linux-image-5-4-0-1051-ibm ubuntu-upgrade-linux-image-5-4-0-1065-bluefield ubuntu-upgrade-linux-image-5-4-0-1071-gkeop ubuntu-upgrade-linux-image-5-4-0-1088-raspi ubuntu-upgrade-linux-image-5-4-0-1093-kvm ubuntu-upgrade-linux-image-5-4-0-1102-gke ubuntu-upgrade-linux-image-5-4-0-1103-oracle ubuntu-upgrade-linux-image-5-4-0-1104-aws ubuntu-upgrade-linux-image-5-4-0-1107-gcp ubuntu-upgrade-linux-image-5-4-0-1110-azure ubuntu-upgrade-linux-image-5-4-0-152-generic ubuntu-upgrade-linux-image-5-4-0-152-generic-lpae ubuntu-upgrade-linux-image-5-4-0-152-lowlatency ubuntu-upgrade-linux-image-6-0-0-1017-oem ubuntu-upgrade-linux-image-6-1-0-1009-oem ubuntu-upgrade-linux-image-6-2-0-1003-ibm ubuntu-upgrade-linux-image-6-2-0-1005-aws ubuntu-upgrade-linux-image-6-2-0-1005-azure ubuntu-upgrade-linux-image-6-2-0-1005-lowlatency ubuntu-upgrade-linux-image-6-2-0-1005-lowlatency-64k ubuntu-upgrade-linux-image-6-2-0-1005-oracle ubuntu-upgrade-linux-image-6-2-0-1006-kvm ubuntu-upgrade-linux-image-6-2-0-1006-raspi ubuntu-upgrade-linux-image-6-2-0-1006-raspi-nolpae ubuntu-upgrade-linux-image-6-2-0-1007-gcp ubuntu-upgrade-linux-image-6-2-0-23-generic ubuntu-upgrade-linux-image-6-2-0-23-generic-64k ubuntu-upgrade-linux-image-6-2-0-23-generic-lpae ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-aws-hwe ubuntu-upgrade-linux-image-aws-lts-18-04 ubuntu-upgrade-linux-image-aws-lts-20-04 ubuntu-upgrade-linux-image-aws-lts-22-04 ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-cvm ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-azure-fde-lts-22-04 ubuntu-upgrade-linux-image-azure-lts-18-04 ubuntu-upgrade-linux-image-azure-lts-20-04 ubuntu-upgrade-linux-image-azure-lts-22-04 ubuntu-upgrade-linux-image-bluefield ubuntu-upgrade-linux-image-dell300x ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-gcp-lts-18-04 ubuntu-upgrade-linux-image-gcp-lts-20-04 ubuntu-upgrade-linux-image-gcp-lts-22-04 ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-20-04 ubuntu-upgrade-linux-image-generic-64k-hwe-22-04 ubuntu-upgrade-linux-image-generic-hwe-16-04 ubuntu-upgrade-linux-image-generic-hwe-20-04 ubuntu-upgrade-linux-image-generic-hwe-22-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04 ubuntu-upgrade-linux-image-generic-lpae-hwe-22-04 ubuntu-upgrade-linux-image-generic-lts-xenial ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-gke-5-15 ubuntu-upgrade-linux-image-gke-5-4 ubuntu-upgrade-linux-image-gkeop ubuntu-upgrade-linux-image-gkeop-5-15 ubuntu-upgrade-linux-image-gkeop-5-4 ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-ibm-lts-20-04 ubuntu-upgrade-linux-image-intel ubuntu-upgrade-linux-image-intel-iotg ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-hwe-16-04 ubuntu-upgrade-linux-image-lowlatency-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-lts-xenial ubuntu-upgrade-linux-image-oem ubuntu-upgrade-linux-image-oem-20-04 ubuntu-upgrade-linux-image-oem-20-04b ubuntu-upgrade-linux-image-oem-20-04c ubuntu-upgrade-linux-image-oem-20-04d ubuntu-upgrade-linux-image-oem-22-04 ubuntu-upgrade-linux-image-oem-22-04a ubuntu-upgrade-linux-image-oem-22-04b ubuntu-upgrade-linux-image-oem-22-04c ubuntu-upgrade-linux-image-oem-osp1 ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-lts-18-04 ubuntu-upgrade-linux-image-oracle-lts-20-04 ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-raspi-nolpae ubuntu-upgrade-linux-image-raspi2 ubuntu-upgrade-linux-image-snapdragon ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-16-04 ubuntu-upgrade-linux-image-virtual-hwe-20-04 ubuntu-upgrade-linux-image-virtual-hwe-22-04 ubuntu-upgrade-linux-image-virtual-lts-xenial ubuntu-upgrade-linux-image-xilinx-zynqmp References https://attackerkb.com/topics/cve-2023-1670 CVE - 2023-1670 USN-6033-1 USN-6045-1 USN-6123-1 USN-6124-1 USN-6171-1 USN-6172-1 USN-6175-1 USN-6185-1 USN-6186-1 USN-6187-1 USN-6207-1 USN-6222-1 USN-6223-1 USN-6252-1 USN-6256-1 View more

CentOS Linux: CVE-2023-1393: Important: tigervnc and xorg-x11-server security update (CESA-2023:1594) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 03/30/2023 Created 05/05/2023 Added 04/06/2023 Modified 01/28/2025 Description A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-free later. Solution(s) centos-upgrade-tigervnc centos-upgrade-tigervnc-debuginfo centos-upgrade-tigervnc-icons centos-upgrade-tigervnc-license centos-upgrade-tigervnc-server centos-upgrade-tigervnc-server-applet centos-upgrade-tigervnc-server-minimal centos-upgrade-tigervnc-server-module centos-upgrade-xorg-x11-server-common centos-upgrade-xorg-x11-server-debuginfo centos-upgrade-xorg-x11-server-devel centos-upgrade-xorg-x11-server-source centos-upgrade-xorg-x11-server-xdmx centos-upgrade-xorg-x11-server-xephyr centos-upgrade-xorg-x11-server-xnest centos-upgrade-xorg-x11-server-xorg centos-upgrade-xorg-x11-server-xvfb centos-upgrade-xorg-x11-server-xwayland References CVE-2023-1393

Ubuntu: (CVE-2022-4744): linux-oem-5.14 vulnerability Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 03/30/2023 Created 11/21/2024 Added 11/19/2024 Modified 01/28/2025 Description A double-free flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user registers the device when the register_netdevice function fails (NETDEV_REGISTER notifier). This flaw allows a local user to crash or potentially escalate their privileges on the system. Solution(s) ubuntu-upgrade-linux-oem-5-14 References https://attackerkb.com/topics/cve-2022-4744 CVE - 2022-4744 https://git.kernel.org/linus/158b515f703e75e7d68289bf4d98c664e1d632df https://www.cve.org/CVERecord?id=CVE-2022-4744

VMware Photon OS: CVE-2023-25809 Severity 3 CVSS (AV:L/AC:H/Au:M/C:P/I:P/A:P) Published 03/29/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description runc is a CLI tool for spawning and running containers according to the OCI specification. In affected versions it was found that rootless runc makes `/sys/fs/cgroup` writable in following conditons: 1. when runc is executed inside the user namespace, and the `config.json` does not specify the cgroup namespace to be unshared (e.g.., `(docker|podman|nerdctl) run --cgroupns=host`, with Rootless Docker/Podman/nerdctl) or 2. when runc is executed outside the user namespace, and `/sys` is mounted with `rbind, ro` (e.g., `runc spec --rootless`; this condition is very rare). A container may gain the write access to user-owned cgroup hierarchy `/sys/fs/cgroup/user.slice/...` on the host . Other users's cgroup hierarchies are not affected. Users are advised to upgrade to version 1.1.5. Users unable to upgrade may unshare the cgroup namespace (`(docker|podman|nerdctl) run --cgroupns=private)`. This is the default behavior of Docker/Podman/nerdctl on cgroup v2 hosts. or add `/sys/fs/cgroup` to `maskedPaths`. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-25809 CVE - 2023-25809

Debian: CVE-2022-44370: nasm -- security update Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 03/29/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/28/2025 Description NASM v2.16 was discovered to contain a heap buffer overflow in the component quote_for_pmake() asm/nasm.c:856 Solution(s) debian-upgrade-nasm References https://attackerkb.com/topics/cve-2022-44370 CVE - 2022-44370

CentOS Linux: CVE-2023-0836: Moderate: haproxy security and bug fix update (CESA-2023:6496) Severity 8 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:N) Published 03/29/2023 Created 11/09/2023 Added 11/08/2023 Modified 01/28/2025 Description An information leak vulnerability was discovered in HAProxy 2.1, 2.2 before 2.2.27, 2.3, 2.4 before 2.4.21, 2.5 before 2.5.11, 2.6 before 2.6.8, 2.7 before 2.7.1. There are 5 bytes left uninitialized in the connection buffer when encoding the FCGI_BEGIN_REQUEST record. Sensitive data may be disclosed to configured FastCGI backends in an unexpected way. Solution(s) centos-upgrade-haproxy centos-upgrade-haproxy-debuginfo centos-upgrade-haproxy-debugsource References DSA-5388 CVE-2023-0836